From owner-freebsd-audit Thu Apr 20 18:55:38 2000 Delivered-To: freebsd-audit@freebsd.org Received: from ares.trc.adelaide.edu.au (ares.trc.adelaide.edu.au [129.127.246.5]) by hub.freebsd.org (Postfix) with ESMTP id 26E7A37B8EA for ; Thu, 20 Apr 2000 18:55:34 -0700 (PDT) (envelope-from glewis@ares.trc.adelaide.edu.au) Received: (from glewis@localhost) by ares.trc.adelaide.edu.au (8.9.3/8.9.3) id LAA81001 for freebsd-audit@freebsd.org; Fri, 21 Apr 2000 11:25:31 +0930 (CST) (envelope-from glewis) From: Greg Lewis Message-Id: <200004210155.LAA81001@ares.trc.adelaide.edu.au> Subject: Libsafe To: freebsd-audit@freebsd.org Date: Fri, 21 Apr 2000 11:25:31 +0930 (CST) X-Mailer: ELM [version 2.4ME+ PL70 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Just saw the announcement of a package called libsafe on Freshmeat today from a group at Bell Labs: -- Libsafe 1.3 Libsafe is a library which defends against buffer overflow attacks. It works by putting a wrapper around dangerous functions that contain any buffer overflows within the current stack frame, so that the return address can not be changed. -- Thought it might be relevant to the auditing project :). The home page is at http://www.bell-labs.com/org/11356/libsafe.html. I did download the source code, but haven't had time to look at it harder than figuring out it won't compile on FreeBSD out of the box. -- Greg Lewis glewis@trc.adelaide.edu.au Computing Officer +61 8 8303 5083 Teletraffic Research Centre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message